This is a legal agreement allows the entity placing an order (“Customer”) to purchase the Tripwire ExpertOps Service from Tripwire, Inc. (“Tripwire”), The Tripwire ExpertOps Service may delivered either remotely or hosted in the cloud by Tripwire, which may include cloud services, and professional services that support Customer’s use of the Tripwire ExpertOps Service. If you are ordering the services as an employee, the legal entity that employs you is the Customer. Your employer may have already accepted a version of the terms and conditions in this Agreement by signing an ExpertOps service agreement. In all other circumstances, you are binding your employer to this Agreement by placing an order for the service. Unless an ExpertOps service agreement has been signed by Customer and an authorized representative of Tripwire, this Agreement and the applicable quotation contain the parties' entire understanding relating to the subject matter and supersede all prior or contemporaneous agreements. IF YOU DO NOT, OR THE CUSTOMER DOES NOT, AGREE TO THESE TERMS AND CONDITIONS, IMMEDIATELY STOP USING THE SERVICE, AND DESTROY AND CERTIFY DESTRUCTION OF THE SOFTWARE AND ALL ACCOMPANYING ITEMS.
The parties agree as follows:
1. DEFINITIONS
“Administrative Data” means limited personal contact information, such as name, telephone number and email address, of a party’s representatives who are directly involved in the administration and management of the Agreement and the Services provided under the Agreement, including, without limitation, personal contact information of registered users provided as part of the Services registration process.
"Affiliate" means another person or entity that, directly or indirectly, controls, is controlled by or is under common control with a party, where control means owning a beneficial interest (directly or indirectly) in more than 50% of the outstanding shares or securities or other ownership interest entitled to vote for the election of directors or similar managing authority. An entity shall be an Affiliate only as long as such control is maintained. Customer may order and use Services on behalf of its Affiliates and may allow Affiliates to use Services; Customer is responsible for its Affiliates’ use in compliance with the Agreement terms.
“Agreement” means the terms of this document, the Service Description, the Service Level Agreement, Service and/or Software-specific terms at www.tripwire.com/terms, the applicable Tripwire quotation, and Orders.
“Authorized Use” means use of the Services by a User for the internal business purposes of Customer or Affiliates for lawful purposes during a Term, for up to the number and type of monitored nodes and capabilities identified in an Order. Authorized Use does not include using the Service for the benefit of third parties (other than Affiliates), unless otherwise mutually agreed by the parties in an executed amendment to this Agreement.
"Cloud Service" means an online, web-based application made available to Customer by Tripwire as part of the Service in addition to the Software.
"Collected Data" means technical data generated from use of the Services regarding use, performance and types of environments scanned, which Tripwire may collect and use on an aggregated, anonymized basis only to (a) optimize and improve its products and services, or otherwise operate Tripwire’s business; and/or (b) analyze, publish and report on industry trends. Collected Data does not include Customer Content.
“Confidential Information” has the meaning given in Section 5.2 below.
“Customer Content” means all Customer system information provided by Customer, and configuration information accessed or managed by Tripwire in the performance of the Services, excluding Administrative Data and Collected Data.
“ExpertOps Service” means the managed service offering hosted by Tripwire, as described in the Service Description, including any updates, enhancements, and new features to such offering that Tripwire makes available during the Term at no additional charge. The ExpertOps Service also includes the installation, implementation, and configuration of Software related to use of the ExpertOps Service, provided by Tripwire.
“Order” means a purchase order accepted by Tripwire for Services under this Agreement. Orders are used to identify the Customer, Services, Service Tier and pricing, and are governed exclusively by the terms of this Agreement. Any additional or conflicting terms in a purchase order are not effective and are expressly declined. Terms in this Agreement relating to pricing, discounts and payments do not apply to Orders placed through an authorized reseller or distributor, which terms will be negotiated between Customer and the reseller or distributor. Resellers and distributors are not authorized to modify this Agreement or make additional representations, commitments or warranties binding on Tripwire.
“Remote Operations” means the remote management by Tripwire of Customer’s on-premise Software, as described in the Service Description. Remote Operations also includes any updates, enhancements, and new features to such offering that Tripwire makes available during the Term at no additional charge. Remote Operations requires at least one year of support. Tripwire will provide Customer with technical support and new releases that Tripwire makes generally available in accordance with Tripwire’s Support Policies in effect at the commencement of each support term, found at www.tripwire.com/terms.
“Professional Services” means professional consulting services and training offerings, provided by Tripwire as set forth at https://www.tripwire.com/terms. Examples of such additional Professional Services are listed in the Service Description under ‘Excluded Services.’ Such Professional Services are available on a time and expense basis and will be quoted separately.
“Protected Data” means sensitive data related to individuals such as personally identifiable information, protected health information, financial or credit information related to individuals, and other sensitive data protected by laws or regulations.
“Service” means, except where specifically stated otherwise, both Tripwire ExpertOps and Tripwire ExpertOps for Remote Operations. Service does not include Professional Services or Cloud Services, as those offerings are made available under the terms as set forth at www.tripwire.com/terms.
“Service Description” means the description of Services for the Service Tier, in effect at the commencement of each Term, found at www.tripwire.com/terms.
“Service Level Agreement” or “SLA” is the ExpertOps Service Level Agreement for the Service Tier, in effect at the commencement of each Term, found at www.tripwire.com/terms.
“Service Tier” ” means the Services level (defined in the Services Description) selected by Customer, as identified in the Order.
“SLA Credit” means a credit issued by Tripwire under the terms of the Service Level Agreement.
“Software” means (a) for Remote Operations, Tripwire software products purchased separately by Customer and installed on Customer systems by Customer or, if purchase, with the assistance of Tripwire Professional Services; and (b) for ExpertOps Services, Tripwire software products, identified in an Order, used to provide the ExpertOps Service during the Term, including all new releases provided by Tripwire as part of the ExpertOps Service during the Term. Notwithstanding any reference to “purchase” in this Agreement or any Order, Software is licensed, not sold.
“Term” means the initial minimum period of time for which Customer commits to purchase and pay for Services, as set forth in an Order, or any subsequent, sequential Service period for which Customer places an Order. Unless stated otherwise in an Order, each Term will be twelve months.
"User" means an employee of Customer or an Affiliate, or a third party authorized by Customer or an Affiliate to use the Services, who has been supplied user identification and password by Customer or an Affiliate (or by Tripwire at Customer’s request). Third parties must be under confidentiality obligations to Customer or the Affiliate which extend to the protection of Tripwire’s intellectual property and Confidential Information with terms no less protective than this Agreement.
2. ORDERS; FEES
2.1 Orders. The Agreement allows Customer to purchase Services identified in Orders and commits Tripwire to provide the Services specified in Orders. All Software is delivered electronically.
2.2 Fees and Payment.
(a) For Services ordered by Customer directly from Tripwire, Tripwire will invoice Customer for the Service fees annually in advance, payable net thirty (30) days subject to credit approval, unless the Tripwire quotation states otherwise. If a Tripwire quotation includes a separate line item with a not-to-exceed cap for reimbursable expenses, Tripwire will invoice Customer for such expenses, at cost, on a monthly basis as incurred, up to the not-to-exceed amount.
(b) For Services ordered by Customer through a channel partner, Customer will pay the channel partner in accordance with the terms agreed between them. Customer acknowledges that Tripwire’s performance of any Services purchased through a channel partner is contingent upon Tripwire’s receipt and acceptance of a purchase order from the channel partner, and the channel partner’s payment of the applicable fees to Tripwire.
(c) If any sum payable to Tripwire is not paid by the due date, Tripwire reserves the right, without prejudice to any other remedy, to (i) charge interest on such overdue sum on a day to day basis from the due date until paid in full the lesser of one and one-half percent per month or the maximum rate permitted by applicable law; and/or (ii) suspend the provision of the Services on five days prior notice, until paid in full. All fees paid or payable for Services are non-cancellable and non-refundable.
(d) Fees quoted by Tripwire do not include customs, duties, taxes, or other similar charges, which Tripwire will invoice separately. Unless Customer provides proof of exemption to Tripwire, Tripwire will invoice Customer for applicable sales, value add or similar transaction-based taxes, if any, itemized separately. Proof of exemption includes a resale certificate, an exemption certificate, a direct-pay permit or a letter from the tax jurisdiction authorizing the exemption. If Customer is required by law to withhold any tax from the payment, Customer will provide to Tripwire original or certified copies of all tax payment receipts or other evidence of payment of taxes by Customer with respect to transactions under this Agreement. If Customer fails to provide Tripwire with such tax payment receipts, if applicable, then Customer will reimburse Tripwire for any fines, penalties, taxes and other governmental agency charges resulting from such failure.
3. SERVICES AND SOFTWARE LICENSE
3.1 The Service.
(a) The Service will be provided as described in the Service Description and SLA, according to the applicable Service Tier, during the Term. The Service includes access to Tripwire customer support as described in the Service Description. Customer may increase the number of monitored nodes and/or upgrade the service tier during a Term by placing an Order and paying the applicable fees.
(b) The Remote Operations offering is provided in full month increments and the initial Service Term begins on the first day of the month in which the Service is activated. For ExpertOps Services, the initial Service Term (i) begins on the day in which Tripwire provides to Customer user access credentials to the ExpertOps console, proxy appliances, and Tripwire Enterprise agents for download, and (ii) continues for the Term specified in the Order. The Term will not automatically renew; Customer must place an Order for each renewal Term. Tripwire may notify Customer of the planned end of availability of a given Service by giving at least twelve (12) months prior written notice before such end of Service availability. This notice may be given by email to Customer’s then-current business or technical contact, and/or by publication on the applicable interface(s) through which Customer’s administrator interacts with the Service. During such notice period, Tripwire will continue to provide the Service as described in this Agreement.
(c) Customer’s access to and use of the Services from certain countries may be restricted by applicable laws and may be subject to technical limitations of the Services.
3.2 Professional Services.
Unless superseded by an agreement signed by the Customer and Tripwire since 2010 applicable to Professional Services, Tripwire will provide the Professional Services described in an Order and as set forth in the professional services agreement found at https://www.tripwire.com/terms. The scope of the Professional Services may be further defined in one or more engagement letters or statements of work issued by Tripwire, each of which shall be governed by this Agreement.
(b) If it is necessary for Tripwire to have access (either on-site or remotely) to Customer’s network or computer systems to perform the Professional Services, Tripwire shall limit its use only to those computer systems, files, software or services authorized by Customer which are reasonably required to perform the Professional Services. Tripwire shall follow Customer’s safety and security rules and procedures which are provided to Tripwire in writing prior to commencement of the Professional Services.
(c) If the Tripwire quotation includes a line item for reimbursable expenses, Tripwire shall be reimbursed for reasonable out-of-pocket expenses incurred in connection with the Professional Services, in accordance with Tripwire’s guidelines which will be provided upon request. Expenses may include, but are not limited to, airfare and other transportation, lodging, meals, and incidentals. Total expenses shall not exceed the not-to-exceed amount as quoted by Tripwire. Expenses will be invoiced monthly as incurred, at Tripwire’s cost without mark-up.
3.3 Software License.
This Section 3.3 only applies to the ExpertOps Service. It does not apply to Remote Operations and any Software managed by Remote Operations is governed by the applicable license terms under which it was purchased.
(a) The ExpertOps Service includes a nontransferable, nonexclusive license to install and use the Software in machine-readable, object or executable code form for the Authorized Use. Software, including all copies and documentation, are copyrighted, trade secret and Confidential Information of Tripwire or its licensors, who maintain exclusive title to all Software and retain all rights not expressly granted by this Agreement. Customer and Affiliates may copy the Software as reasonably necessary to support the Authorized Use of the ExpertOps Service. All copies remain the property of Tripwire or its licensors.
(b) Customer shall not, and shall ensure that its Affiliates do not: (i) loan, distribute or otherwise transfer the Software without Tripwire’s prior written consent; (ii) use the Software or allow its use for developing, enhancing or marketing any product that is competitive with the Software; or (iii) disclose to any third party the results of or information pertaining to any testing of the Software against a third party’s products for the purpose of competitive comparison. Any attempted transfer without Tripwire’s prior written consent shall be a material breach of this Agreement and may, at Tripwire’s option, result in the immediate termination of the license, Services and this Agreement.
(c) Except as otherwise permitted for interoperability as required by applicable law, Customer shall not (a) reverse-assemble, reverse-compile, reverse-engineer, decrypt, in any way derive or otherwise attempt to discover the source code, analyze the source code, techniques, processes, algorithms, know-how or other information of the Software, or permit or induce the foregoing, in order to determine its construction, composition, or operation of the Software; (b) make any modification, adaptation, improvement, enhancement, translation or derivative work from the Software; (c) copy, frame, or mirror any part of the Software; (d) remove, alter or obscure any proprietary notice, including any notice of copyright or trademark of Tripwire; (e) use the Software for any revenue generating endeavor, commercial enterprise, or other purpose for which it is not designed or intended. If Customer wishes to exercise any rights to reverse-engineer to ensure interoperability in accordance with applicable law, Customer shall first provide Tripwire with written notice and all reasonably requested information to [email protected]. Tripwire shall assess the claim and may offer alternatives that reduce any adverse impact on Tripwire’s intellectual property or other rights.
3.4 Cloud Services.
In the event Tripwire makes Cloud Services available to Customer as part of the Service, the terms of the Master Subscription Agreement, including capability-specific terms, shall apply to Customer’s use of the Cloud Service (the “Subscription Agreement”), as set forth at www.tripwire.com/terms. The term of your Subscription Agreement is effective during the term of this Agreement and will expire on the same day as this Agreement, unless renewed separately. To the extent that any terms of the Subscription Agreement conflict with the terms of this Agreement, the Subscription Agreement shall control with respect to use of Cloud Service.
3.5 Government Rights. The Service and Software is deemed commercially available services and commercial computer software as defined in FAR 12.212, and are subject to Tripwire’s commercial licensing/use terms, as required by FAR Section 52.227-19 “Commercial Computer Licensed Software – Restricted Rights” and DFARS 227.7202, “Rights in Commercial Computer Licensed Software or Commercial Computer Licensed Software Documentation”, as applicable, and any successor regulations, whether delivered by Tripwire as on-premise or hosted services. Any use, modification, reproduction, release performance, display or disclosure of the Service and Software by the U.S. government shall be solely in accordance with the terms of this Agreement. For purposes of this Agreement, the Services are defined as all of the functions and capabilities described in the Service Description, regardless of whether such functions and capabilities operate independently, interdependently or in conjunction with third party applications.
4. CUSTOMER’S RESPONSIBILITIES
4.1 Authorized Use.
(a) Customer will only allow Users to use the Service for Authorized Use. Customer assumes responsibility for selecting the appropriate Services and Service Tier to achieve Customer’s intended results, and for Customer’s use and application of information resulting from the Services. Customer shall use commercially reasonable efforts to prevent unauthorized access to or use of the Services and shall notify Tripwire promptly of any such unauthorized access or use. Except for Administrative Data, Tripwire does not require, and Customer shall not provide Protected Data to Tripwire under this Agreement. Customer is responsible for using the Service and information resulting from the Service in compliance with applicable laws and regulations, including data privacy laws and regulations.
(b) Customer shall not: (i) allow anyone other than Users to access the Service, (ii) sell, resell, rent, lease or create derivate works based on the Service; (iii) copy, frame or mirror any part or content of the Service, other than copying or framing on Customer’s own intranets or otherwise for Customer’s Authorized Use; (iv) provide, store or transmit material in violation of third party privacy rights or applicable law; (v) use the Service to store or transmit harmful or malicious code, files, scripts, agents or programs; (vi) interfere with or disrupt the integrity or performance of the Service; (vii) attempt to gain unauthorized access to the Service or related systems or networks; or (viii) use the Service for the purpose of developing, enhancing or marketing any service that is competitive with the Service, or disclose to any third party the results of or information pertaining to any performance benchmark relating to the Service.
4.2 Cooperation. Customer will cooperate reasonably, and in good faith with Tripwire in its delivery of the Service, by, without limitation:
(a) allocating sufficient and suitable resources for scheduling and actively participating in scheduled kickoff calls with managed services engineers in a timely manner;
(b) assigning an internal project manager to serve as a primary point of contact for Tripwire;
(c) timely performing such tasks reasonably necessary to enable Tripwire to deliver the Service;
(d) timely responding to Tripwire’s inquiries related to the managed services or Professional Services, as applicable; and
(e) providing complete, accurate and timely feedback as reasonably required.
4.3 Delays. Any delays in Tripwire’s ability to perform Professional Services or deliver the Service caused by Customer may result in additional applicable charges for Tripwire resource time.
4.4 PCI DSS Responsibility Matrix. The parties acknowledge that, except for Remote Operations, compliance with specific PCI DSS requirements for cardholder data environments that the Service accesses shall be the responsibility of Customer, Tripwire, or shared, as enumerated in the PCI DSS responsibility matrix, available upon request. Tripwire will not be liable for the disclosure, monitoring, loss, alteration or corruption of Customer Content to the extent it results from Customer’s failure to implement reasonable security measures to protect against unauthorized use of facilities, computers, network access devices or passwords.
4.5 Restoring Customer Content. In the event of any inadvertent deletion or corruption of any Customer Content that is stored on the ExpertOps Service, Tripwire will use commercially reasonable efforts to restore the deleted or corrupted Customer Content from the latest backup of such Customer Content that Tripwire maintains in accordance with Tripwire’s standard archival procedures. TRIPWIRE’S EFFORTS TO RESTORE DELETED OR CORRUPTED CUSTOMER CONTENT PURSUANT TO THIS SECTION 4.3 WILL CONSTITUTE CUSTOMER’S SOLE AND EXCLUSIVE REMEDY AND TRIPWIRE’S SOLE LIABILITY FOR OF ANY DELETION OR CORRUPTION OF CUSTOMER CONTENT. This Section 4.5 does not apply to Remote Operations.
5. PROPRIETARY RIGHTS; CONFIDENTIALITY
5.1 Ownership.
(a) All intellectual property rights that are owned or controlled by a party at the commencement of the Services shall remain under the ownership or control of such party throughout the Term and thereafter. As between Tripwire and Customer, Customer exclusively owns all rights, title and interest in and to all Customer Content. Subject to the limited rights expressly granted hereunder, Tripwire reserves all rights, title and interest in and to the Services, including all Collected Data, Software, and all related intellectual property rights. Tripwire shall not disclose the Collected Data in any manner in which the Collected Data could be attributed to Customer or Customer’s use of the Services. No rights are granted to Customer hereunder other than as expressly set forth herein.
(b) Tripwire does not offer custom development engagements for new software applications or other software products under this Agreement. Neither party intends that the Service shall include or result in the creation, conception or development of any creative work, inventions, or innovations ("Created Work"). In the event Tripwire does create, conceive or develop Created Work as a result of the performance of the Service, Tripwire shall own such Created Work, and hereby grants to Customer a royalty-free, non-exclusive, worldwide, fully paid, limited license to use and practice the Created Work for its internal business purposes in conjunction with the authorized use of the Service during the Term.
(c) Customer may choose, but is not required, to provide suggestions, data or other information to Tripwire regarding possible improvements in the operation, functionality or use of the Services. Any resulting inventions, improvements, modifications or developments, made by Tripwire, at its sole discretion, are Tripwire’s exclusive property.
5.2 “Confidential Information" means: (a) Customer Content, Customer’s host names, User names and passwords; (b) Customer’s security or business practices; (c) information regarding Customer’s suppliers, employees or customers; (d) non-public information provided by Tripwire regarding the Service or Software, including product and service pricing, trade secrets, road maps and development plans relating thereto; (e) the specific business terms set forth in any quotation, Order, or this Agreement; and (f) personal information, as defined under applicable data privacy regulations.
5.3 Exclusions from Confidential Information. Confidential Information does not include information that: (a) is or becomes generally known or available to the public through no act or omission of the recipient (“Recipient”); (b) is rightfully known to or received by Recipient prior to receiving such information from the other party (“Disclosing Party”) without restriction as to use or disclosure; or (c) is independently developed by Recipient without use of Confidential Information and without a breach of this Agreement. The existence of this Agreement and the nature of the business relationship between the parties are not Confidential Information.
5.4 Protection of Confidential Information. Except as otherwise permitted in writing by the Disclosing Party: (a) the Recipient will use Confidential Information received from the other party solely for the purpose of performing activities contemplated under this Agreement; (b) the Recipient will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care) not to disclose or use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement; and (c) the Recipient will limit access to Confidential Information of the Disclosing Party to those of its employees, contractors and agents who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Recipient containing protections no less stringent than those herein. Customer agrees to keep all log-in identifications and passwords confidential and not to transfer or disclose them to other individuals or third parties. The parties acknowledge that a violation of the Recipient’s obligations with respect to Confidential Information of the Disclosing Party may cause irreparable harm to the Disclosing Party for which a remedy at law would be inadequate. In addition to any and all remedies available at law, the Disclosing Party will be entitled to seek an injunction or other equitable remedies in all legal proceedings in the event of any threatened or actual breach of this Section 5.
5.5 Protection of Customer Content. For ExpertOps Services, excluding Remote Operations, Tripwire will maintain administrative, physical, and technical safeguards for the purpose of protecting the security, confidentiality and integrity of Customer Content, as described in the SOC 2 audit in effect at the commencement of a Term, which is available on request. Tripwire will use commercially reasonable efforts to avoid (a) disclosing Customer Content except as compelled by law in accordance with Section 5.6 or as expressly permitted in writing by Customer; or (b) accessing Customer Content except to provide the Services or prevent or address service or technical problems, or at Customer’s request in connection with customer support matters.
5.6 Compelled Disclosure. The Recipient may disclose Confidential Information of the Disclosing Party if it is compelled by law to do so; provided that the Recipient gives the Disclosing Party prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party's cost, if the Disclosing Party wishes to contest the disclosure. If the Recipient is compelled by law to disclose the Disclosing Party's Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Recipient for its reasonable cost of compiling and providing secure access to such Confidential Information.
5.7 No Protected Data. Other than Administrative Data, Tripwire does not require access to, and Customer shall not provide, Protected Data. If Customer inadvertently discloses any Protected Data in the course of receiving Services, Tripwire will (a) at Customer’s direction either return such information to Customer or destroy such information as soon as Tripwire becomes aware of such disclosure; and (b) treat such information as Confidential Information under the terms of this Agreement.
5.8 Data Privacy. The parties shall comply with applicable data protection legislation in regard to the collection, processing and use of any personal information which may be received in connection with the performance of obligations under this Agreement. Each party may provide Administrative Data to the other party. Recipient may store the Administrative Data in databases located and accessible globally by their respective personnel and use it for purposes reasonably necessary to the administration of this Agreement. To the extent that Tripwire processes any Personal Data (as defined in the data processing addendum) contained in Customer Content, on Customer’s behalf, or in the provision of the Service, the terms of the data processing addendum, available at www.tripwire.com/terms, shall apply and the parties agree to comply with such terms.
6. LIMITED WARRANTY
6.1 ExpertOps Service. During each Term, Tripwire will provide the Service in a professional and workmanlike manner and to standards not less than those generally accepted in the industry, in substantial conformance to the terms of this Agreement, including without limitation, the Service Description and Service Level Agreement. TRIPWIRE’S ENTIRE LIABILITY AND CUSTOMER’S EXCLUSIVE REMEDY FOR A BREACH OF THE WARRANTY IN THIS SECTION 6.1 WILL BE TO PROVIDE THE APPLICABLE SLA CREDIT TO CUSTOMER AS DESCRIBED IN THE SERVICE LEVEL AGREEMENT, PROVIDED CUSTOMER HAS GIVEN TRIPWIRE A WRITTEN REQUEST FOR THE SLA CREDIT WITHIN 10 DAYS AFTER THE DATE ON WHICH THE EVENT GIVING RISE TO THE SLA CREDIT OCCURRED.
6.2 Disclaimer of Other Warranties. THE LIMITED WARRANTIES SET FORTH IN THIS SECTION 6 ARE EXCLUSIVE. NEITHER TRIPWIRE NOR ITS LICENSORS OFFER ANY OTHER WARRANTIES, TERMS OR CONDITIONS, EXPRESS, IMPLIED OR STATUTORY, WITH RESPECT TO THE SERVICES OR SOFTWARE PROVIDED UNDER THIS AGREEMENT. TRIPWIRE OFFERS NO WARRANTY THAT THE SERVICES OR SOFTWARE WILL DETECT OR PROTECT AGAINST ALL THREATS OR BE ERROR-FREE OR FREE FROM INTERRUPTIONS OR OTHER FAILURES. TRIPWIRE AND ITS LICENSORS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES, TERMS, CONDITIONS, AND REPRESENTATIONS: (a) OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT OF INTELLECTUAL PROPERTY, AND (b) ARISING OUT OF COURSE OF DEALING, USAGE OR TRADE. No oral or written information or advice given by Tripwire or Tripwire’s authorized representatives shall create a warranty or other obligations on behalf of Tripwire. Customer assumes full responsibility for selecting the appropriate Services, configurations, and policies to achieve its intended results, and for the use and application of information provided by Tripwire as a result of the Service.
7. INDEMNIFICATION
7.1 Tripwire will defend or settle any action brought against Customer and indemnify Customer against all costs, damages and reasonable attorneys’ fees that are finally awarded against Customer or are included in a settlement to which Tripwire is a party, to the extent those amounts are based upon a claim arising during a Term that the Service or Software directly infringes any copyright or misappropriates any trade secret or infringes any U.S. patent. As conditions to Tripwire’s obligations under this Section 7.1, Customer must: (a) notify Tripwire promptly in writing of the action; (b) provide Tripwire all reasonable information and assistance to settle or defend the action at Tripwire’s request and expense; and (c) grant Tripwire sole authority and control of the defense or settlement of the action. Tripwire will not be responsible for any compromise made or expense incurred without its prior written consent.
7.2 If a claim is made under Section 7.1, Tripwire shall at its expense either: (a) replace or modify the Service or Software so that it becomes non-infringing; (b) procure for Customer the right to continue using the Service or Software; or (c) if neither 7.2(a) nor 7.2(b) is commercially reasonable, require the discontinuation of the infringing Service or removal and destruction of the infringing Software, and refund to Customer any prepaid the fees paid for the balance of the current Term.
7.3 Tripwire is not liable for claims based on: (a) combination of the Service or Software with any product not furnished by Tripwire, if the claim would not have arisen in the absence of such combination; (b) modification of Software or Service other than by Tripwire; (c) continued use of infringing Software or Services after Tripwire, for no additional charge, has provided modified or replacement non-infringing Software or Services; or (d) Services or Software not used in accordance with this Agreement.
THIS SECTION 7 SETS FORTH TRIPWIRE’S SOLE AND EXCLUSIVE OBLIGATIONS, AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES, WITH RESPECT TO INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS OF ANY KIND RELATING TO THE SERVICE OR SOFTWARE. EXCEPT AS SET FORTH ABOVE, TRIPWIRE AND ITS LICENSORS DISCLAIM ALL IMPLIED OBLIGATIONS WITH RESPECT TO INTELLECTUAL PROPERTY INDEMNIFICATION.
7.5 At Tripwire’s request, Customer shall defend or settle any action brought against Tripwire and indemnify against costs, damages and reasonable attorneys’ fees that are finally awarded against Tripwire or are included in a settlement to which Customer is a party, to the extent those amounts are based upon a claim arising from: (a) Customer’s unlawful or unauthorized use of the Services; (b) Customer’s failure to maintain secure and compliant systems independent of the Service; or (c) a third party claim in relation to Customer Content provided by Customer to Tripwire. Customer will not be responsible for any compromise made or expense incurred without its prior written consent.
8. LIMITATION OF LIABILITY; INSURANCE
8.1 Tripwire’s liability will not be limited or excluded in relation to death or personal injury caused by its negligence or intentional misconduct (or that of its employees or agents), fraudulent misrepresentation, or any other liability which cannot be excluded by law.
8.2 IN NO EVENT WILL TRIPWIRE BE LIABLE FOR PUNITIVE, EXEMPLARY, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING WITHOUT LIMITATION DAMAGES ARISING FROM ANY LOSS OF REVENUE, PROFITS, OR FOR THE COST OF PROCURING SUBSTITUTE SERVICES, OR FOR THE LOSS OF USE OF ANY SERVICES, OR FOR ANY INTERRUPTION OF BUSINESS, WHETHER SUCH LIABILITY ARISES FROM ANY CLAIM BASED UPON CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF TRIPWIRE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
8.3 EXCEPT AS PROVIDED IN SECTION 8.1 AND SUBJECT TO SECTION 8.2, IN NO EVENT WILL TRIPWIRE’S TOTAL LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT, FROM ALL CAUSES OF ACTION AND ALL THEORIES OF LIABILITY, EXCEED THE AMOUNT PAID OR PAYABLE BY CUSTOMER FOR THE SERVICE DURING THE TERM IN WHICH THE CLAIM AROSE. The fees reflect the allocation of risk set forth in this Agreement.
8.4 Tripwire’s Services and Software are developed for general use in a variety of information management environments. They are not designed for use in a situation in which use or failure of the Services or Software could lead to death or serious bodily injury of any person, or severe physical or environmental damage (“High Risk Activities”). Examples of High Risk Activities include, without limitation, the design or operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, weapons systems, or direct life-support systems. If Customer uses Tripwire Services or Software in High Risk Activities, Customer shall be solely responsible for taking all appropriate fail-safe, backup, redundancy and other measures to ensure the safe use of such Services and Software. Notwithstanding anything to the contrary in this Section 8, TRIPWIRE DISCLAIMS ANY LIABILITY FOR ANY DAMAGES CAUSED BY USE OF THE SERVICES OR SOFTWARE IN HIGH RISK ACTIVITIES.
8.5 INSURANCE. Tripwire will maintain, at no additional cost to Customer, the insurance coverage types and minimum amounts of insurance shown below during the Term:
(a) Commercial General Liability (Occurrence): $1,000,000 each occurrence; $2,000,000 general aggregate
(b) Automobile Liability, including hired autos and non-owned autos: $1,000,000 combined single limit
(c) Umbrella Liability (Occurrence): $6,000,000 each occurrence; $6,000,000 aggregate
(d) Workers Compensation and Employers’ Liability: Statutory limits for Workers Compensation, $1,000,000 each accident
(e) Professional & Technical Errors and Omissions, including Information Security and Privacy: $3,000,000 each occurrence, with the following sub-limits for the Information Security and Privacy coverage: $250,000 for PCI fines, expenses and costs; and $100,000 for forensic expenses.
All policies required by this Agreement will be written by insurance carriers who are rated A- or better by A.M. Best, except for a state compensation insurance fund when not specifically rated. Upon request, Tripwire will provide to Customer a certificate of insurance indicating the coverage required in this section.
9. NON-SOLICIT
During the Term and for six months thereafter, if Customer employs or engages as a consultant an individual who has been assigned by Tripwire as a resource for delivery of the Service, then Customer shall pay to Tripwire a fee of $150,000, as liquidated damages and not as a penalty.
10. TERMINATION
10.1 Termination. This Agreement will be effective during the Term, unless terminated sooner as described in this Section 10.1.
(a) In the event Tripwire or Customer materially breaches this Agreement, the breaching party shall have 30 days to cure such breach, after receiving written notice from the other party specifying in reasonable detail the basis for the claimed breach. If the breach is not substantially cured within the notice period, the nonbreaching party shall be entitled to immediately terminate this Agreement.
(b) Either party may terminate this Agreement immediately if the other party becomes the subject of a voluntary or involuntary petition in bankruptcy or any involuntary proceeding relating to insolvency, receivership, liquidation, or similar action for the benefit of creditors as a consequence of debt, or if the other party otherwise ceases or threatens to cease doing business.
10.2. Effect of Termination. On expiration or termination of this Agreement:
(a) For Remote Operations, Within thirty (30) days of termination or expiration of the Term, Tripwire will (i) decommission the mechanism for connecting to the Customer environment; and (ii) return any Customer equipment provided by Customer to enable Tripwire to provide the Service.; Upon Customer request, Tripwire will deliver a final close out document to Customer within thirty (30) days of termination or expiration of the Term.
(b) For ExpertOps Services, excluding Remote Operations, Tripwire will provide Customer with an export of Customer’s console configuration data, file system configuration data, and a backup of Customer’s database within five business days of Customer’s request, provided that Customer makes the request before or within thirty (30) days after termination. After such thirty-day period, Tripwire will have no obligation to maintain or provide any Customer Content to Customer, and Tripwire will, unless legally prohibited, delete all Customer Content stored in the Services or otherwise in Tripwire’s possession or under Tripwire’s control. Nothing in this Agreement will be deemed to require Tripwire to return or destroy any Collected Data in Tripwire’s possession or control following the termination of this Agreement.
(c) All Software licenses granted hereunder for ExpertOps Service will automatically terminate. Customer shall remove and destroy all copies of such Software, and, on Tripwire’s written request, certify the removal and destruction of such copies.
(d) Tripwire will be entitled to invoice and be paid for all Services provided up to the effective date of termination, and all outstanding invoices shall be immediately due and payable.
(e) Sections 1, and 5 through 10 will survive.
11. GENERAL TERMS
11.1 Relationship. The relationship of Customer and Tripwire with respect to the performance of the Services is that of independent contractors. Tripwire will be solely responsible for compensating and providing required workers compensation insurance for its employees who provide the Service. Subject to the protection of Customer’s Confidential Information, nothing in this Agreement prohibits Tripwire from performing similar or identical services for other parties.
11.2. Assignment. Any assignment or transfer of this Agreement by the Customer is prohibited without the prior written consent of Tripwire, and any attempted transfer or assignment without such consent shall be void and without force or effect. The terms of this Agreement shall be binding on permitted successors in interest and assigns.
11.3 Third Party Code. The Software contains or is accompanied by certain third-party software components (“Third-Party Code”) identified at www.tripwire.com/terms (“Third Party Notices”). The Third-Party Notices may include important licensing and liability disclaimers from the Third-Party Code licensors. Customer’s use of Third-Party Code in conjunction with the Software in accordance with this Agreement is permitted under all such Third-Party Notices. Customer acknowledges that Section 7.1 of this Agreement does not apply to the Third-Party Code.
11.4. Governing Law. This Agreement will be governed by and construed under the laws of the State of Oregon, USA, excluding choice of laws rules. Any action or proceeding arising from or relating to this Agreement, must be brought in a federal court in the District of Oregon or in state court in Multnomah County, Oregon, and each party irrevocably submits to the jurisdiction and venue of any such court in any such action or proceeding. This Section 11.4 does not restrict Tripwire’s right to bring an action against Customer in the jurisdiction where Customer’s place of business is located. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement.
11.5. Severability; Modification; Notices; Waiver.If a court of competent jurisdiction finds any provision of this Agreement invalid or unenforceable, that provision will be enforced to the maximum extent permissible and the other provisions of this Agreement will remain in full force and effect. This Agreement may only be modified in writing by authorized representatives of the parties. All notices required or authorized under this Agreement must be in writing and will be sent, as applicable, to the party’s address at the beginning of this Agreement. Waiver of terms or excuse of breach must be in writing and will not constitute subsequent consent, waiver or excuse.
11.6. Compliance with Laws. Each party will comply with all applicable laws and regulations with respect to its activities under this Agreement including, but not limited to, the export laws and regulations of the U.S. and other applicable jurisdictions, and economic sanctions regulations administered by the Office of Foreign Assets Control and similar restrictions issued by U.S. and other governments prohibiting the provision of Services or Software to specified destinations, end-users and end uses. Without limiting the foregoing Customer will not permit Users to access or use Services in violation of any applicable export, data privacy or data transfer restriction.
11.7. Force Majeure. Neither party shall be liable for default or delay in performing its obligations due to unforeseen circumstances or causes beyond its reasonable control, as long as such causes continue and the party continues to use commercially reasonable efforts to resume performance. If any default or delay extends for more than 60 days, the other party shall have the right, without obligation or liability, to cancel the Service or portion thereof affected by such default or delay.
11.8. Entire Agreement. This Agreement (including all documents referenced herein) constitutes the entire and exclusive agreement between the parties with respect to its subject matter and supersedes all prior communications, proposals, representations, agreements and understandings, whether written or oral, relating to its subject matter. Purchases under this Agreement are made based solely on the terms of this Agreement, are not contingent on the delivery of additional future functionality or features and are not dependent on any statements made by Tripwire or its representatives regarding future functionality or features. No modification, amendment, or waiver of any provision of this Agreement will be effective unless in writing and either signed or accepted electronically by a duly authorized representative of each party. To the extent of any conflict or inconsistency between the provisions in the body of this Agreement and any exhibit or addendum hereto, the terms of such exhibit or addendum will prevail.